Introduction

Microsoft Certificate Services can be installed on the domain controller on the internal network and issue certificates to hosts within the internal network domain, as well as to hosts that are not members of the Internal network domain. We will use certificates in a variety of configuration scenarios in this ISA Server 2004 Configuration Guide series, including to accomplish the following:

Allow the ISA Server 2004 firewall to use the L2TP/IPSec VPN protocol for a site-to-site VPN link

Allow the ISA Server 2004 firewall to use the L2TP/IPSec VPN protocol for a VPN client connection from a remote access VPN client

Enable remote users to access the Outlook Web Access site using highly secure SSL-to- SSL bridged connections

Publish secure Exchange SMTP and POP3 services to the Internet

The certificates enable us to use SSL/TLS security. The SSL (Secure Sockets Layer) protocol is a session layer protocol that encrypts data moving between the client and server machines. SSL security is considered the current standard for providing secure remote access to Web sites. In addition, certificates can be used to confirm the identity of VPN clients and servers so that mutual machine authentication can be performed.

In this document we will discuss the following procedures:

Installing Internet Information Services 6.0 to support the Certificate Authority’s Web enrollment site

Installing Microsoft Certificate Services in Enterprise CA mode

ISA Server 2004 Configuration Guide

16

Page 18
Image 18
Microsoft 2004 manual Introduction